xelya.io

.io crawl

First seen 2026-05-08 · Last seen 2026-05-08 · ok HTTP/1.1 200 8660 ms crawled 2026-05-15

FR · 194.50.29.124 · AS39495 Xelya SAS

Reputation 89/100 weak security headers dmarc monitor-only

Classifying

HTML metadata

Title: Xelya - Sign in
Language: en

Technology

Server: Microsoft-IIS

DNS records live

NS

ns1-02.azure-dns.com
ns2-02.azure-dns.net
ns3-02.azure-dns.org
ns4-02.azure-dns.info

MX

10 mx5.colibriwithus.com
10 mx6.colibriwithus.com

TXT

MS=ms93770949
detectify-verification=8362598a9b3feea330a1527075d5973b

Email authentication partial

SPF: v=spf1 include:spf.xelya.io include:spf.protection.outlook.com ~all
softfail (~all)
DMARC: v=DMARC1; p=none; rua=mailto:report@dmarc.xelya.io; sp=none;
policy: none (monitoring only) · sp=none
DKIM: no key found at common selectors

Certificate (current)

Sectigo Public Server Authentication CA DV E36

from 2025-11-17 to 2026-12-19

Expires in 213 days

Full certificate history on crt.sh ↗

HTTP security headers

Header hygiene 45/100 Checked live page: https://sso.xelya.io/SignIn?authorize-query=%7B%22AllowedExternalProviders%22%3A%5B1,2,3%5D,%22LogoAppId%22%3A%22124fa17e-d11d-423a-95a0-9f5ecbb6c7ca%22,%22OpenIdQuery%22%3A%22%3Fclient_id%3D124fa17e-d11d-423a-95a0-9f5ecbb6c7ca%5Cu0026request_uri%3Durn%253Aietf%253Aparams%253Aoauth%253Arequest_uri%253AC05-Tdb1DQVJJpeiTXZmCN62us--8w7D9ujJH3deWSw%22%7D

present

strict-transport-security

findings

short HSTS max-age
missing Content Security Policy
missing frame protection
missing content type protection
missing Referrer Policy
missing Permissions Policy

Header values

strict-transport-security: max-age=43200

Linked from (1)

servizen.fr×1